CVE-2023-22458
published 2023-01-20

CVE-2023-22458: Redis HRANDFIELD / ZRANDMEMBER assertion-failure denial of service (authenticated)

Priority: P3 (46)
Severity: medium, CVSS 3.1 base score 5.5
Vector: AV:L / AC:L / PR:L / UI:N / S:U / C:N / I:N / A:H
EPSS: 69.36% (99.3rd percentile)
Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected

10 ranges

Vendor   Product                                Version range               Fixed in
debian   redis                                  < 5:7.0.8-1 (bookworm)      5:7.0.8-1 (bookworm)
msrc     cbl2_redis_6.2.9-1_on_cbl_mariner_2.0  (not given)                 (not given)
msrc     cm1_redis_6.2.7-3_on_cbl_mariner_1.0   (not given)                 (not given)
redis    redis                                  (not given)                 (not given)
redis    redis                                  (not given)                 (not given)
redis    redis                                  >= 0, < 5:7.0.8-1           5:7.0.8-1
redis    redis                                  >= 0, < 5:7.0.8-1           5:7.0.8-1
redis    redis                                  >= 0, < 5:7.0.8-1           5:7.0.8-1
redis    redis                                  >= 6.2.0, < 6.2.9           6.2.9
redis    redis                                  >= 7.0.0, < 7.0.8           7.0.8

The "5:7.0.8-1" entries are Debian-style package versions (epoch:upstream-revision), so they only match what a distribution package manager reports; the last two rows are the upstream release ranges from the advisory text.
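The following is an added example for this page, not Redis project code. It decides whether a Redis server falls in the two upstream ranges the advisory and the table above give (6.2.0 up to but not including 6.2.9, and 7.0.0 up to but not including 7.0.8), accepting either a bare version string or the text of an `INFO server` reply. The distribution package rows are deliberately not modelled: epochs and revisions like `5:7.0.8-1` do not map onto upstream tags. The sample `INFO` fragment is constructed.

```python
"""Check whether a Redis version is in the CVE-2023-22458 affected ranges.

Added example for this advisory page, not Redis project code.  The ranges
come from the advisory text; only upstream major.minor.patch is compared.
"""

import re
from typing import Optional, Tuple

# (first affected, first fixed) for each upstream branch named in the advisory.
AFFECTED_RANGES = (
    ((6, 2, 0), (6, 2, 9)),
    ((7, 0, 0), (7, 0, 8)),
)

_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")
_INFO_RE = re.compile(r"redis_version:\s*(\S+)")


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from '7.0.5', 'v7.0.5', '7.0.5-rc1' or a
    full INFO server block containing 'redis_version:7.0.5'.  None if
    nothing recognisable is found."""
    m = _INFO_RE.search(text)
    candidate = m.group(1) if m else text.strip()
    m = _VERSION_RE.match(candidate)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True if the version lies in an affected range (tuple comparison is
    lexicographic, so 6.2.10 correctly sorts after 6.2.9)."""
    v = parse_version(version)
    if v is None:
        raise ValueError(f"unrecognised Redis version: {version!r}")
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


# Constructed sample: the opening lines of an INFO server reply from a
# server that is still on 7.0.5 and therefore affected.
SAMPLE_INFO = "# Server\r\nredis_version:7.0.5\r\nredis_mode:standalone\r\n"

if __name__ == "__main__":
    for v in ("6.0.16", "6.2.8", "6.2.9", "7.0.7", "7.0.8", SAMPLE_INFO):
        print(repr(parse_version(v)), "affected" if is_affected(v) else "fixed/outside range")
```

Feed it the output of `redis-cli INFO server` from each instance in an inventory; versions before 6.2.0 (for example the 6.0 line) fall outside the ranges the advisory names and are reported as not affected by this CVE, which says nothing about their other issues.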

Detection & IOCs (extracted from sources)

  • Monitor for HRANDFIELD or ZRANDMEMBER calls whose count argument (the only numeric argument these commands take) is unusual or very large in magnitude; the integer overflow that ends in the assertion failure is triggered through these arguments. Redis MONITOR output or a command-level proxy log is where such calls are visible.
  • Alert on Redis process crashes with an assertion failure in the server log shortly after HRANDFIELD or ZRANDMEMBER was executed; the crash is the observable impact of successful exploitation, and a restart loop from a supervisor is a secondary signal.
  • Affected Redis versions are 6.2.x up to (not including) 6.2.9 and 7.0.x up to (not including) 7.0.8. Exploitation requires authenticated access to Redis, so an instance reachable only by trusted clients has a smaller exposed population but is not immune.
  • There are no vendor-listed workarounds; the remediation is upgrading to a fixed version. Redis 6+ ACLs can deny HRANDFIELD and ZRANDMEMBER to accounts that do not need them (`ACL SETUSER <user> -hrandfield -zrandmember`), which narrows who can trigger the crash but is an exposure reduction, not a fix.
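The detection in the first two bullets, as an added example that is not part of the original page or of Redis: a small scanner over Redis `MONITOR` output that flags HRANDFIELD / ZRANDMEMBER calls whose count argument is outside anything a real client asks for. The line format (`<unix timestamp> [<db> <client addr>] "CMD" "arg" ...`) is Redis' MONITOR format; the threshold `SUSPICIOUS_ABS_COUNT` is an assumption of this example, and the four MONITOR lines are constructed, including the oversized count values, which illustrate "unusual/large arguments" rather than reproduce a specific trigger.

```python
"""Flag HRANDFIELD / ZRANDMEMBER calls with abnormal count arguments in
Redis MONITOR output.

Added example for this advisory page, not Redis project code.  MONITOR
lines look like:  <ts> [<db> <addr>] "CMD" "arg1" "arg2" ...
"""

import re
import shlex
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

COMMANDS = {"HRANDFIELD", "ZRANDMEMBER"}

# Assumption of this example: no legitimate workload asks for billions of
# random members, so any |count| at or above 2**31 is worth an alert.
SUSPICIOUS_ABS_COUNT = 1 << 31

_LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+\[(?P<db>\d+)\s+(?P<addr>\S+)\]\s+(?P<rest>.*)$"
)


@dataclass
class Finding:
    ts: float
    client: str
    command: str
    key: str
    count: int


def parse_monitor_line(line: str) -> Optional[Tuple[float, str, List[str]]]:
    """Split one MONITOR line into (timestamp, client address, argv).
    Returns None for lines that are not MONITOR records."""
    m = _LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        argv = shlex.split(m.group("rest"))  # handles the "quoted" args and \" escapes
    except ValueError:
        return None
    return float(m.group("ts")), m.group("addr"), argv


def check_line(line: str) -> Optional[Finding]:
    """Return a Finding if the line is a random-member command with an
    abnormal count, otherwise None."""
    parsed = parse_monitor_line(line)
    if parsed is None:
        return None
    ts, addr, argv = parsed
    if len(argv) < 3 or argv[0].upper() not in COMMANDS:
        return None  # wrong command, or no count given (single member, harmless)
    try:
        count = int(argv[2])
    except ValueError:
        return None  # Redis itself rejects a non-integer count
    if abs(count) >= SUSPICIOUS_ABS_COUNT:
        return Finding(ts, addr, argv[0].upper(), argv[1], count)
    return None


def scan(lines: Iterable[str]) -> List[Finding]:
    """Run check_line over a MONITOR stream and collect the hits."""
    return [f for f in (check_line(l) for l in lines) if f is not None]


# Constructed sample MONITOR output: one normal call, one normal GET, and two
# calls with counts far outside any legitimate request.
SAMPLE_MONITOR = [
    '1674201600.101234 [0 10.0.0.5:51234] "HRANDFIELD" "session:abc" "3" "WITHVALUES"',
    '1674201600.204567 [0 10.0.0.9:40022] "ZRANDMEMBER" "leaderboard" "-9223372036854775808"',
    '1674201600.301111 [0 10.0.0.5:51234] "GET" "session:abc"',
    '1674201600.408888 [2 10.0.0.9:40022] "hrandfield" "profile:7" "-4294967296" "WITHVALUES"',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_MONITOR):
        print(f"{f.ts:.3f} {f.client} {f.command} {f.key} count={f.count}")
```

Pipe `redis-cli MONITOR` into it on a suspected instance, or point `scan` at a saved capture. MONITOR costs throughput on a busy server, so on production it is a short-lived investigative tool; the version check and an upgrade remain the durable answer.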

CVSS provenance

Source          Version  Score  Severity  Vector
nvd             v3.1     5.5    MEDIUM    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv                      5.5    MEDIUM
vendor_debian            5.5    MEDIUM
vendor_msrc              5.5    MEDIUM
vendor_redhat            5.5    MEDIUM